Leadfyy.co
/
lanzu_api_2021-12-26
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
41 Commits
5 Branches
0 Tags
2.0 MiB
Tree: 044a013edc
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '044a013edc'
${ noResults }
lanzu_api_2021-12-26/app/Middleware/Auth/ApiMiddleware.php

98 lines
2.5 KiB
Raw Normal View History

新增中间件验证接口请求
5 years ago
  1. <?php
  3. declare(strict_types=1);
  5. namespace App\Middleware\Auth;
  7. use Hyperf\HttpServer\Contract\RequestInterface as HttpRequest;
  8. use Hyperf\HttpServer\Contract\ResponseInterface as HttpResponse;
  9. use Psr\Container\ContainerInterface;
  10. use Psr\Http\Message\ResponseInterface;
  11. use Psr\Http\Server\MiddlewareInterface;
  12. use Psr\Http\Message\ServerRequestInterface;
  13. use Psr\Http\Server\RequestHandlerInterface;
  15. class ApiMiddleware implements MiddlewareInterface
  16. {
  17. /**
  18. * @var ContainerInterface
  19. */
  20. protected $container;
  22. /**
  23. * @var HttpResponse
  24. */
  25. protected $response;
  27. /**
  28. * @var HttpRequest
  29. */
  30. protected $request;
  32. public function __construct(ContainerInterface $container, HttpResponse $response, HttpRequest $request)
  33. {
  34. $this->container = $container;
  35. $this->response = $response;
  36. $this->request = $request;
  37. }
  39. public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
  40. {
  42. if (env('APP_ENV') == 'dev') {
  43. return $handler->handle($request);
  44. }
  46. // 签名校验
  48. # 获取参数
  49. $params = $this->request->all();
  51. # 必须参数,签名、时间戳、随机数
  52. if (!(isset($params['sign'])&&isset($params['timestamp'])&&isset($params['rand']))) {
  54. $content = [
  55. "status" => 'ok',
  56. "code" => 9001,
  57. "result" => [],
  58. "message" => '接口验签失败:缺少参数'
  59. ];
  61. return $this->response->json($content);
  62. }
  64. if (!$this->checkSign($params)) {
  66. $content = [
  67. "status" => 'ok',
  68. "code" => 9002,
  69. "result" => [],
  70. "message" => '接口验签失败:签名错误或已失效'
  71. ];
  73. return $this->response->json($content);
  74. }
  76. return $handler->handle($request);
  77. }
  79. private function checkSign($params)
  80. {
  81. $sign = $params['sign'];
  82. unset($params['sign']);
  83. $timestamp = $params['timestamp'];
  85. if (empty($sign) || ($timestamp+config('autoload.auth.api.sign.expire')) < time()) {
  86. return false;
  87. }
  89. ksort($params);
  90. $params = http_build_query($params);
  92. return $sign == $this->signature($params);
  93. }
  95. private function signature($http_query)
  96. {
  97. return sha1(md5($http_query).config('autoload.auth.api.sign.secret_key'));
  98. }
  99. }